IBM AppScan Enterprise

How AppScan Enterprise works

Scalable application security testing

A scalable enterprise architecture allows for multiple application security testers. AppScan Enterprise offers a variety of techniques for testing web, non-web and mobile applications, including dynamic, static and interactive analysis. It scans websites for links to malicious websites based on the IBM X-Force database—integrating dynamic and static analysis techniques to identify vulnerabilities in client-side JavaScript. It also aggregates dynamic and static analysis for enhanced reporting.

Detailed security reports and enterprise-level dashboards

AppScan Enterprise helps classify and prioritize application assets based on business impact and identify high-risk areas. You gain visibility into the security and compliance risks presented by identified vulnerabilities and can demonstrate progress through performance metrics.

Risk-based application security management

With AppScan Enterprise 9.0 or higher, organizations can define risk based on their own strategy. A measure for risk can be determined on an application by factors such as access, business impact or significance of security threats. These factors can be customized and programmed into AppScan Enterprise’s calculations. Managers can define rules to measure risk and then automatically classify or rank applications based on that risk to help them make reliable and resource-efficient decisions.